Information Security News mailing list archives
Macromedia: Flash is secure
From: InfoSec News <isn () C4I ORG>
Date: Tue, 9 Jan 2001 00:16:30 -0600
http://www.zdnet.com/zdnn/stories/news/0,4586,2672473,00.html By Reuters January 8, 2001 3:53 PM PT Macromedia Inc. on Monday said its own tests have shown there is no risk that its popular Flash multimedia player could allow a computer virus to be sent to attack the computers of Internet users. The popular Flash software allows digital artists and Web designers to create short animated movies and cartoons, which can be downloaded and viewed by Internet users. Last week, a software engineer posted a message to a popular security Web site, Bugtraq (www.securityfocus.com), claiming that the program could allow a malicious program to be sent down the pipe to users' PCs. In response to that report, Macromedia said it conducted extensive testing of its software last week, but concluded that there is no security loophole. A security bug in Flash could be devastating due to the software's near-ubiquity--some 96 percent of all personal computers accessing the Internet have some version of Flash installed, according to Macromedia. Microsoft Corp.'s popular Outlook email program was the instrument for the whirlwind spread of the Love Letter virus, which was estimated to have hit 45 million computers on a single day in May. Macromedia said a Flash movie could be created to intentionally cause the software residing on users' PCs to crash, but that no other programs--including viruses--can be sent to exploit it. "This is simply a software crash, not a security issue," said Peter Santangeli, vice president of engineering at San Francisco-based Macromedia. "Flash is a constrained environment by design. You'd never get the (virus) to work." ISN is hosted by SecurityFocus.com --- To unsubscribe email LISTSERV () SecurityFocus com with a message body of "SIGNOFF ISN".
Current thread:
- Macromedia: Flash is secure InfoSec News (Jan 08)